23#include <xmlsec/nss/x509.h>
34#include <com/sun/star/xml/crypto/XXMLSignature.hpp>
43using ::com::sun::star::xml::wrapper::XXMLElementWrapper ;
44using ::com::sun::star::xml::crypto::XSecurityEnvironment ;
45using ::com::sun::star::xml::crypto::XXMLSignature ;
46using ::com::sun::star::xml::crypto::XXMLSignatureTemplate ;
47using ::com::sun::star::xml::crypto::XXMLSecurityContext ;
48using ::com::sun::star::xml::crypto::XUriBinding ;
52template <>
struct default_delete<xmlSecKeysMngr>
56template <>
struct default_delete<xmlSecDSigCtx>
58 void operator()(xmlSecDSigCtxPtr ptr) { xmlSecDSigCtxDestroy(ptr); }
64class XMLSignature_NssImpl
65 :
public ::cppu::WeakImplHelper<xml::crypto::XXMLSignature, lang::XServiceInfo>
68 explicit XMLSignature_NssImpl();
71 virtual uno::Reference<xml::crypto::XXMLSignatureTemplate> SAL_CALL
72 generate(
const uno::Reference<xml::crypto::XXMLSignatureTemplate>& aTemplate,
73 const uno::Reference<xml::crypto::XSecurityEnvironment>& aEnvironment)
override;
75 virtual uno::Reference<xml::crypto::XXMLSignatureTemplate> SAL_CALL
76 validate(
const uno::Reference<xml::crypto::XXMLSignatureTemplate>& aTemplate,
77 const uno::Reference<xml::crypto::XXMLSecurityContext>& aContext)
override;
89XMLSignature_NssImpl::XMLSignature_NssImpl() {
93Reference< XXMLSignatureTemplate >
94SAL_CALL XMLSignature_NssImpl::generate(
95 const Reference< XXMLSignatureTemplate >& aTemplate ,
96 const Reference< XSecurityEnvironment >& aEnvironment
99 xmlNodePtr pNode = nullptr ;
101 if( !aTemplate.is() )
104 if( !aEnvironment.is() )
108 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
109 if( !xElement.is() ) {
115 if( pElement ==
nullptr ) {
122 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
123 if( xUriBinding.is() ) {
134 if( pSecEnv ==
nullptr )
145 std::unique_ptr<xmlSecDSigCtx> pDsigCtx(xmlSecDSigCtxCreate(pMngr.get()));
146 if( pDsigCtx ==
nullptr )
154 if( xmlSecDSigCtxSign( pDsigCtx.get() , pNode ) == 0 )
156 if (pDsigCtx->status == xmlSecDSigStatusSucceeded)
157 aTemplate->setStatus(css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED);
159 aTemplate->setStatus(css::xml::crypto::SecurityOperationStatus_UNKNOWN);
163 aTemplate->setStatus(css::xml::crypto::SecurityOperationStatus_UNKNOWN);
167 if( xUriBinding.is() )
175Reference< XXMLSignatureTemplate >
176SAL_CALL XMLSignature_NssImpl::validate(
177 const Reference< XXMLSignatureTemplate >& aTemplate ,
178 const Reference< XXMLSecurityContext >& aSecurityCtx
180 xmlNodePtr pNode = nullptr ;
183 if( !aTemplate.is() )
186 if( !aSecurityCtx.is() )
190 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
196 if( pElement ==
nullptr )
202 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
203 if( xUriBinding.is() ) {
211 sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber();
214 for (i=0;
i<nSecurityEnvironment; ++
i)
216 Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i);
221 if( pSecEnv ==
nullptr )
230 std::unique_ptr<xmlSecDSigCtx> pDsigCtx(xmlSecDSigCtxCreate(pMngr.get()));
231 if( pDsigCtx ==
nullptr )
238 pDsigCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
241 if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecNssKeyDataX509GetKlass()) < 0)
244 xmlBufferPtr pBuf = xmlBufferCreate();
245 xmlNodeDump(pBuf,
nullptr, pNode, 0, 0);
246 SAL_INFO(
"xmlsecurity.xmlsec",
"xmlSecDSigCtxVerify input XML node is '"
247 <<
reinterpret_cast<const char*
>(xmlBufferContent(pBuf))
252 int rs = xmlSecDSigCtxVerify( pDsigCtx.get() , pNode );
255 xmlSecSize nReferenceCount = xmlSecPtrListGetSize(&pDsigCtx->manifestReferences);
257 xmlSecSize nReferenceGood = 0;
258 for (xmlSecSize nReference = 0; nReference < nReferenceCount; ++nReference)
260 xmlSecDSigReferenceCtxPtr pReference =
static_cast<xmlSecDSigReferenceCtxPtr
>(xmlSecPtrListGetItem(&pDsigCtx->manifestReferences, nReference));
263 if (pReference->status == xmlSecDSigStatusSucceeded)
267 SAL_INFO(
"xmlsecurity.xmlsec",
"xmlSecDSigCtxVerify status " << pDsigCtx->status <<
", references good " << nReferenceGood <<
" of " << nReferenceCount);
269 if (rs == 0 && pDsigCtx->status == xmlSecDSigStatusSucceeded && nReferenceCount == nReferenceGood)
271 aTemplate->setStatus(css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED);
276 aTemplate->setStatus(css::xml::crypto::SecurityOperationStatus_UNKNOWN);
282 if( xUriBinding.is() )
291OUString SAL_CALL XMLSignature_NssImpl::getImplementationName()
293 return "com.sun.star.xml.crypto.XMLSignature";
297sal_Bool SAL_CALL XMLSignature_NssImpl::supportsService(
const OUString& rServiceName)
300 for (OUString
const & rCurrentServiceName : aServiceNames)
302 if (rCurrentServiceName == rServiceName)
309Sequence<OUString> SAL_CALL XMLSignature_NssImpl::getSupportedServiceNames()
311 return {
"com.sun.star.xml.crypto.XMLSignature" };
314extern "C" SAL_DLLPUBLIC_EXPORT uno::XInterface*
316 uno::Sequence<uno::Any>
const& )
318 return cppu::acquire(
new XMLSignature_NssImpl);
static void destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr)
xmlSecKeysMngrPtr createKeysManager()
xmlNodePtr getNativeElement() const
void clearErrorRecorder()
Sequence< OUString > aServiceNames
#define SAL_INFO(area, stream)
css::uno::Sequence< OUString > getSupportedServiceNames()
OUString getImplementationName()
bool CPPUHELPER_DLLPUBLIC supportsService(css::lang::XServiceInfo *implementation, rtl::OUString const &name)
void operator()(xmlSecDSigCtxPtr ptr)
void operator()(xmlSecKeysMngrPtr ptr)
SAL_DLLPUBLIC_EXPORT uno::XInterface * com_sun_star_xml_crypto_XMLSignature_get_implementation(uno::XComponentContext *, uno::Sequence< uno::Any > const &)
int xmlRegisterStreamInputCallbacks(css::uno::Reference< css::xml::crypto::XUriBinding > const &aUriBinding)
int xmlUnregisterStreamInputCallbacks()